| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
There's no synchoronization between the intermediate process
and the double-forked child, and the semantics are not useful.
Refuse such combination.
|
|
|
|
| |
See justifications at https://github.com/systemd/systemd/pull/32235#issuecomment-2062327783
|
|\
| |
| | |
Follow-ups for #34909.
|
| |
| |
| |
| |
| | |
Otherwise, when a .netdev file for tun or tap netdev is updated,
reloading the file leaks the previous file descriptor.
|
| |
| |
| |
| |
| | |
Some bonding parameters cannot be updated when the netdev is already up
or already has at least one slave interface.
|
| |
| |
| |
| |
| | |
Some netdevs cannot update there properties after created.
Let's skip requests in that case.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Follow-up for 1003093604661bd984574889167f2ff4dfd6209c.
If a netdev is detached for some reasons, then previously the request
was simply cancelled, and the underlying interface never enter the
configured state, as the 'stacked_netdevs_created' flag never set.
This makes the counter decremented manually by the function, and set the
flag. So, the underlying interface can eter the configured state.
|
| |
| |
| |
| |
| |
| |
| | |
After PR #34909, networkd tries to update an existing netdev interface if
possible. But, when .netdev files are loaded on start, we have not
enumerate interfaces, so we do not know if the corresponding interface
exists or not. Let's delay processing request a bit.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Follow-up for PR #34909.
This fixes an issue that network interfaces cannot join a master netdev,
like bond or bridge, when the corresponding .netdev is reloaded.
With PR #34909, networkd supports reloading .netdev files. However,
When a .netdev file is modified and reloaded, ifindex is copied from
the old NetDev object to the new one. Thus, even if the interface is
successfully updated, netdev_set_ifindex_impl() will return 0 and
netdev_enter_ready() will never called. If the netdev is a kind of
master netdev, then port interfaces cannot join the master netdev,
as REQUEST_TYPE_SET_LINK_MASTER requires that the master netdev is
in the ready state.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Follow-up for 17c5337f7b2993619d84acc2088b2ba1789e6477.
Older kernels (older than v6.5) refuse RTM_NEWLINK messages with IFLA_ADDRESS
attribute when the netdev already exists and is running, even if the MAC
address is unchanged.
So, let's not set IFLA_ADDRESS or IFLA_MTU if they are unchanged, and
set the attributes only when we can update them.
|
| |
| |
| |
| | |
Otherwise, the kernel older than v6.2 will refuse the netlink message.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Outside of x86, some machines (e.g. Apple silicon, AMD Opteron A1100)
have physical memory mapped above 4GiB, meaning this allocation will
fail, causing the entire boot process to fail on these machines.
This commit makes it so that the below-4GB address space allocation
requirement is only set on x86 platforms, and not on other platforms
(that don't have the specific Linux x86 boot protocol), thereby fixing
boot on those that have no memory mapped below 4GiB in their address
space.
Tested on an Apple silicon M1 laptop and an AMD x86_64 desktop tower.
Fixes: #35026
|
|\ \
| | |
| | |
| | | |
fixes for sd_bus_error handling (#35150)
|
| | |
| | |
| | |
| | |
| | |
| | | |
When kill_whom == _ALL, there can be two cases that lead to
ESRCH: the session expects no scope at all or the scope is
not active. Let's distinguish the two cases.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The concept of synthetic errnos is about logging, which
is irrelevant irt bus error and we don't do any special
treatment in sd-bus for them, meaning the value propagated
would be spurious.
|
| |/ |
|
| |
| |
| |
| |
| | |
KeepConfiguration=dhcp keeps not only DHCP configurations but
also SLAAC or IPV4LL. Let's rename the value to 'dynamic'.
|
| |
| |
| |
| |
| | |
This is similar to what we do for DHCPv4 address, but for IPv4LL
address.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
KeepConfiguration=dhcp-on-stop
By the previous commit, configuration source of addresses and routes are
saved on stop and restored on start. Hence, we can keep dynamic
configurations on stop.
Co-authored-by: Jian Zhang <zhangjian.3032@bytedance.com>
|
|/
|
|
|
|
|
|
|
|
| |
Currently, only configuration sources and providers of addresses and
routes are serialized/deserialized.
This should mostly not change behavior, as dynamic (except for DHCPv4)
configurations will be dropped before stopping networkd, and for DHCPv4
protocol, we have already had another logic to handle DHCPv4
configurations.
Preparation for later commits.
|
| |
|
|\
| |
| |
| |
| |
| |
| | |
Follow-up for 972f1d17ab461a51142a142609dd3ec50bae8440.
This fixes the logic of removing unnecessary routes configured by the
previously received RAs. Previously, we wrongly handled existing routes
could be updated, and unexpected routes would be kept.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
if existing route can be updated
Follow-up for 972f1d17ab461a51142a142609dd3ec50bae8440.
This fixes the logic of removing unnecessary routes configured by the
previously received RAs. Previously, we wrongly handled existing routes
could be updated, and unexpected routes would be kept.
|
| |
| |
| |
| |
| |
| | |
These applies common parameters to the route to be requested or removed.
No functional change, just refactoring and preparation for later
commits.
|
| |
| |
| |
| |
| |
| | |
- drop unnecessary call of ndisc_set_route_priority() at the beginning,
as it is called later in the loop below,
- use RET_GATHER() and remove all possible routes even if failed.
|
| |
| |
| |
| |
| |
| | |
where applicable
No functional change, and preparation for later commits.
|
|\ \
| | |
| | |
| | | |
Fixes: #35033
Fixes: #35100
|
| | | |
|
| | |
| | |
| | |
| | | |
Fixes: #35100
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Apparently this happens IRL on some systems, let's handle this
gracefully and don't log.
Fixes: #35033
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
invoked in a container (#35072)
The auditing subsystem is still not virtualized for containers, hence
the two values don't really make sense inside them, they will just leak
information from outside into the container. Hence don't make use of the
data if we detect we are run inside of a container.
This has visible effects: logind will no longer try to reuse the
auditing session ids as its own session ids when run inside a container.
While are at it, modernize the calls in more ways:
1. switch to pidref behaviour, all but one of our uses are using pidref
anyway already.
2. use read_virtual_file() + proc_mounted()
3. reasonably distinguish ENOENT errors when reading the process proc
files: distinguish the case where /proc is not mounted, from the case
where the process is already gone, from where auditing is not enabled in
the kernel build.
|
| | | |
| | | |
| | | |
| | | |
| | | | |
Who knows what kind of mount shenanigans people employ, let's gracefully
handle parse failures of proc files, like we alway do otherwsie.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Use ERRNO_IS_xyz() macros where appropriate.
Also, reduce indentation a bit by inverted early check.
And log in more error codepaths.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
invoked in a container
The auditing subsystem is still not virtualized for containers, hence the two
values don't really make sense inside them, they will just leak
information from outside into the container. Hence don't make use of the
data if we detect we are run inside of a container.
This has visible effects: logind will no longer try to reuse the
auditing session ids as its own session ids when run inside a container.
While are at it, modernize the calls in more ways:
1. switch to pidref behaviour, all but one of our uses are using pidref
anyway already.
2. use read_virtual_file() + proc_mounted()
3. reasonable distinguish ENOENT errors when reading the process proc
files: distinguish the case where /proc is not mounted, from the case
where the process is already gone, from where auditing is not enabled
in the kernel build.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Apparently some terminal emulators have problems with overly long
titles, hence truncate them at some safe length (128).
Also, when parsing ANSI sequences ourselves accept longer sequences
(192), after all we should be fine when parsing our own title sequences.
Fixes: #35104
|
| |/ /
|/| |
| | |
| | | |
Prompted by https://github.com/systemd/systemd/pull/35110#discussion_r1835885340
|
| | |
| | |
| | |
| | | |
Let's show an idcard logo instead, to indicate that we changed ids.
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
|/ / |
|
|/ |
|
|\
| |
| | |
Fixes #35047.
|
| |
| |
| |
| | |
Similar to the previous commit, but for nexthop.
|
| |
| |
| |
| |
| |
| |
| | |
When an interface went down, IPv4 non-local routes are removed by the
kernel without any notifications. Let's forget the routes in that case.
Fixes #35047.
|
| |
| |
| |
| |
| |
| | |
When a nexthop is removed, routes depend on the removed nexthop are
already removed. It is not necessary to remove them, as already
commented. Let's forget them without trying to remove.
|
| |
| |
| |
| |
| | |
Previously, when a nexthop is removed, depending nexthops were removed, but
that's not necessary, as the kernel keeps them, at least with v6.11.
|
| |
| |
| |
| |
| |
| | |
Follow-up for 6f09031e4d04727cc72164fefcbc763e37556493.
The function has been introduced by the commit, but it has never been used...
|
|\ \
| |/
|/|
| |
| |
| |
| | |
Let's gather generic key/certificate operations in a new tool
systemd-keyutil instead of spreading them across various special purpose
tools.
Fixes #35087
|